映射到 CWE-89 的搜索结果 (4508)

CVE-2018-9924(发布:2018-04-10 02:29:00)NM
CVSS7.5

[原文]An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request.

CVE-2018-8820(发布:2018-03-28 16:29:00)NMP
CVSS6.0

[原文]An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials.

CVE-2014-4959(发布:2018-03-27 12:29:00)NMCPS
CVSS7.5

[CNNVD]Google Android‘SQLiteDatabase.java’远程安全绕过漏洞--Google Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。 Google Android中存在远程安全绕过漏洞。攻击者可利用该漏洞绕过安全限制,执行未授权操作。 ...

CVE-2018-8967(发布:2018-03-24 14:29:00)NM
CVSS7.5

[原文]An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in an adv2.php?action=modify request.

CVE-2018-8943(发布:2018-03-22 17:29:00)NM
CVSS7.5

[原文]There is a SQL injection in the PHPSHE 1.6 userbank parameter.

CVE-2018-7528(发布:2018-03-22 14:29:01)NM
CVSS6.4

[原文]An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data.

12345678下一页尾页 第1页 / 共752页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站